VDOO’s Holistic Approach to IoT Security

VDOO’s approach to security, which was conceived by our security experts and embedded-systems security researchers, puts the device in the center. Automated technologies to analyze any device and understand its specific threat landscape and security gaps lay the foundations to establishing security layers one on top of the other as a holistic 360° protection shield. Our approach enables full ownership of your device’s security and successfully answers the IoT security challenge in a scalable, fast, and cost-effective manner. This approach addresses both device makers and the enterprises deploying them and is suitable for new and legacy devices.

The IoT Security Challenge

The security challenge in the IoT ecosystem involves all players: device makers, organizations deploying the devices, integrators, regulators, and individual private users. Although each player can improve the security state to some extent, the ability to lead real change stems from the first link in the chain—the device makers.

The device makers’ challenge lies in the supply chain process that lacks visibility into third-party components that their device includes. Moreover, even when aware of insecure components, anticipating third-party providers for fixing their code or responding to a discovered vulnerability may take months to years. Rarely do device makers receive access to code for manually fixing third-party components and even then, it may take a lot of time, resources, and skills. The challenge is even more difficult when dealing with open-source code if the device includes packages that are no longer supported by the community. Device makers must gain visibility into their device components to generate a BOM per device and to make the process of fixing critical security issues quick and scalable. Such a process is fast only when focused on security gap mitigation and hardening based on balanced security requirements prioritization, rather than broad code-fixing that takes a longer time and impacts time to market and IoT adoption as a whole.

IoT security enablement based on the unique supply chain, market, and technology challenges

Security by Design

Bake Security Building Blocks into the Device

Embedding the right security during the device pre-release phase decreases the attack surface dramatically and tackles most of the IoT cyber threats, making it very hard to exploit vulnerabilities even if they exist. Basic and advanced, known and unknown attack methods that utilize default credentials, exploit unsecured APIs and other software vulnerabilities, leverage faulty communication protocols, overwrite firmware, or perform brute-force attacks, are all weakened once an appropriate security implementation takes place. In order to implement the right security and make it harder to exploit the device with the various attack vectors, the device maker must not only be aware of the security issues but also able to understand their implications and of course, how to fix them. In this manner, VDOO differentiates from any vulnerability scanners or any other code review tools.

VDOO’s solutions that play a significant role in this phase is Vision™—a device-centric hardening automation platform that analyzes the device’s firmware and provides a balanced security requirement report followed by a detailed mitigation guide in a matter of minutes.

Security – Condition & Indication

Allowing a Sense of Security on Top of the Reality of Security

At VDOO, we believe that only the connection between the reality of security and a sense of security will make a real change in the IoT ecosystem since it will enable a higher adoption rate, which is currently inhibited because the devices are not secure enough and, accordingly, the deployer’s trust is low. Therefore, we help device makers prove they have invested in implementing the right security posture in their devices by offering an advanced security certification mechanism. This also helps the organizations that deploy these devices make smarter decisions while estimating device alternatives based on better visibility and risk-assessment capabilities.

Once the device’s security state is proper, VDOO’s CertIoT™ is provided as a deed for the device maker, as a physical stamp on top of the device packaging and as a digital signature for signaling the device security posture to other network nodes.

Runtime Active Protection

Proactive Steps to Significantly Raise the Security Level

Runtime security on the end-device itself is essential to deal with threats that cannot be identified through the network, let alone unknown threats such as exploitation of zero-day vulnerabilities. Although embedding the right security is a significant step and contributes a lot to decreasing the risk exposure, it is not enough since attackers are constantly trying to exploit even highly secure devices using creative methods and zero-days exploits for ransom, theft, reputation, and even pleasure. The challenge is to produce the specific runtime protection for any connected device based on its unique attributes and profile.

VDOO Embedded Runtime Agent - ERA™ is being generated automatically for any device model to deal with its specific potential threats as well as technical scope and resources. It allows on-device detection and prevention and enables predictive security and control by integrating it into other network security solutions. Protecting the device from within by an on-device agent is essential since it is the only effective solution for coping with IoT device threats that cannot be detected by common network security solutions.

Predictive Security & Real-Time Threat Intelligence

One Step Ahead of the Attackers

Threats are evolving rapidly, threatening even devices or networks that are considered as secure as possible. Keeping up-to-date with the latest emerging threats is critical for continuously protecting devices by updating their firmware with a non-vulnerable version as soon as a new threat that may affect them has emerged.

VDOO Quicksand™ honeypot solution was built for luring the attacker and revealing if your network is an attacker’s target, as well as the attack methods, techniques, and goals. The honeypot provides visibility of any kind of activity taking place on the device and allows monitoring for a wide range of threats—known and unknown. Whistler™ was designed for providing push-alerts and insightful updates that have an impact on security. Both solutions aim for dealing with the attacker’s sophistication evolvement in a fast and automated manner.

This approach led us to create all of our products to be automated, device-centric, and industry agnostic—together these constitute one integrated, end-to-end solution for IoT security.